Addons that delete competitor's addons
#46
I'm pretty sure you are splitting hairs bro.
Reply
#47
HAHAHAA, this is one reason why MrMC fork stripped out python addons :)

No control over what they do. The implementation is completely broke. Sometimes too much freedom is bad.

There is absolutely no reason for any addon to reach outside its little box and screw around with the outside world.
MrMC Forums : http://forum.mrmc.tv
Reply
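An added example, not part of any post in this thread and not Kodi or MrMC code: a static check a reviewer could run over a Python addon's source to flag imports and calls that reach outside the addon's own directory. The module and call lists, the function names and the sample source are assumptions made for this illustration.

```python
import ast

# Assumed policy for this example: modules and calls that let an addon act
# outside its own directory (delete files, spawn processes, open sockets).
RISKY_MODULES = {"socket", "subprocess", "ctypes", "shutil"}
RISKY_CALLS = {"os.remove", "os.unlink", "os.rmdir", "os.system",
               "shutil.rmtree", "shutil.move"}


def dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def audit_addon_source(source):
    """Return sorted (line, finding) tuples for risky imports and calls."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            for alias in node.names:
                if alias.name.split(".")[0] in RISKY_MODULES:
                    findings.append((node.lineno, "import " + alias.name))
        elif isinstance(node, ast.ImportFrom):
            if (node.module or "").split(".")[0] in RISKY_MODULES:
                findings.append((node.lineno, "from " + node.module + " import"))
        elif isinstance(node, ast.Call):
            name = dotted_name(node.func)
            if name in RISKY_CALLS:
                findings.append((node.lineno, "call " + name))
    return sorted(findings)


# Constructed sample addon source; it is parsed only, never executed.
SAMPLE_ADDON = '''import os
import shutil
import socket

def run():
    shutil.rmtree("/placeholder/addons/plugin.video.other")
    s = socket.socket()
'''

if __name__ == "__main__":
    for line, finding in audit_addon_source(SAMPLE_ADDON):
        print("line %d: %s" % (line, finding))
```

A scan like this is a review aid, not a sandbox: aliased imports (`from os import remove`), `__import__` and obfuscated code pass through it, which is why the thread's call for real isolation still stands.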
#48
(2016-05-02, 15:10)MrMC Wrote: There is absolutely no reason for any addon to reach outside its little box and screw around with the outside world.
How about because that's what you want it to do?
Reply
#49
..
Reply
#50
(2016-05-02, 15:11)trogggy Wrote:
(2016-05-02, 15:10)MrMC Wrote: There is absolutely no reason for any addon to reach outside its little box and screw around with the outside world.
How about because that's what you want it to do?

I think some people seriously underestimate the number of malicious people out there that have zero morals. It is only a matter of time before the real bad guys start targeting this huge exploit. I can easily see the appearance of some addon that looks and smells like those out there now. Inside is a daemon that starts snooping the device and exploring your other devices inside your nice firewall'ed local network. Don't laugh, it is trivial to do this.
MrMC Forums : http://forum.mrmc.tv
Reply
#51
(2016-05-02, 17:43)MrMC Wrote: I think some people seriously underestimate the number of malicious people out there that have zero morals. It is only a matter of time before the real bad guys start targeting this huge exploit.

Those installing random Kodi addons from random places, I can imagine they are already virus- and trojan-ridden anyway ;)
Reply
#52
(2016-05-02, 17:53)Koying Wrote:
(2016-05-02, 17:43)MrMC Wrote: I think some people seriously underestimate the number of malicious people out there that have zero morals. It is only a matter of time before the real bad guys start targeting this huge exploit.

Those installing random Kodi addons from random places, I can imagine they are already virus- and trojan-ridden anyway ;)

I suspect so too - but it's near impossible to make them learn unless they're a victim of their own doing.
Reply
#53
(2016-05-02, 18:01)Paranoidjack Wrote: I suspect so too - but it's near impossible to make them learn unless they're a victim of their own doing.

Users never learn :)

I know a client whose entire staff had "education" about virus risks from mails and all those.

Then one day 1 user opened a mail with crypto ransomware, 1 day of work lost, restore backups, ....

Global end users communication, then 2 days later, same issue from another one.

I'll let you imagine what happened 5 days after.

At least now direction invested in security :) But users would have continued to click :)
Reply
#54
It's not just the dev of an add-on that you have to trust. It's also where that add-on goes and does its thing.
I remember a case recently with a very popular addon from a respected developer (in the 3rd party addons 'scene', that is) where a site admin didn't like the fact that the addon scraped his site to find content, so after a cat/mouse game he put some code in his site that when that addon tried to scrape it, it would force close kodi (or minimise, can't remember) and open up the user's browser to his page (on some platforms).
I just wonder what else he could have done.
Reply
#55
(2016-05-02, 17:43)MrMC Wrote:
(2016-05-02, 15:11)trogggy Wrote:
(2016-05-02, 15:10)MrMC Wrote: There is absolutely no reason for any addon to reach outside its little box and screw around with the outside world.
How about because that's what you want it to do?

I think some people seriously underestimate the number of malicious people out there that have zero morals. It is only a matter of time before the real bad guys start targeting this huge exploit. I can easily see the appearance of some addon that looks and smells like those out there now. Inside is a daemon that starts snooping the device and exploring your other devices inside your nice firewall'ed local network. Don't laugh, it is trivial to do this.

At last, someone who really understands the danger. I'm going to have to seriously look into your fork.

However, there must be some sane compromise solution between dictatorship and anarchy for Kodi addons. Locking out every addon is keeping a world of talent and content out of reach.
Reply
#56
Even a trusted developer can decide to have a bit of a melt down for whatever reason (commonly it seems to be either other developers or ungrateful users upsetting them), throw all the toys out of the sandpit, and do something perhaps regrettable. This is also a concerning issue I think (rather than just addons that are perhaps clearly untrustworthy from the start).

Additionally, unfortunately Kodi's policy (which I understand is necessary) forces some addons to not be available in the official repo even if they are legitimate, or at least not malicious. This may also be region dependent of course as far as the user is concerned, since different policies and laws apply.

In fact if anything there seems to be a trend towards developers having their own repos and bypassing the official repo altogether, I guess for simplicity's sake, or something? I don't really know. Certainly some developers note that they appreciate the ability to more easily push regular updates/fixes from their own repo. I have a number of addons which I believe are legitimate as far as Kodi's policies are concerned, have threads here on kodi.org, and yet still require a separate private repo and therefore fall outside any protective screening which the official repo may offer.

This is a pity too.
If I have helped you or increased your knowledge please click the 'Thumb Up - Like' button to show me your appreciation :)
For YouTube questions see the official thread here.
Reply
#57
(2016-05-02, 19:28)jmh2002 Wrote: Even a trusted developer can decide to have a bit of a melt down for whatever reason (commonly it seems to be either other developers or ungrateful users upsetting them), throw all the toys out of the sandpit, and do something perhaps regrettable. This is also a concerning issue I think (rather than just addons that are perhaps clearly untrustworthy from the start).

Additionally, unfortunately Kodi's policy (which I understand is necessary) forces some addons to not be available in the official repo even if they are legitimate, or at least not malicious. This may also be region dependent of course as far as the user is concerned, since different policies and laws apply.

In fact if anything there seems to be a trend towards developers having their own repos and bypassing the official repo altogether, I guess for simplicity's sake, or something? I don't really know. Certainly some developers note that they appreciate the ability to more easily push regular updates/fixes from their own repo. I have a number of addons which I believe are legitimate as far as Kodi's policies are concerned, have threads here on kodi.org, and yet still require a separate private repo and therefore fall outside any protective screening which the official repo may offer.

This is a pity too.

I totally agree.
I try to abide by the rules here for addon development too, but while I am working up some ideas that need a quick turn-around I will just make a beta repo for them on Github. Half an hour after a user spots an error I can have a new release out.
If there was greater sandboxing I could offer more trust to beta testers.
Reply
#58
It's good to see these issues have prompted a warning on the front page.
https://kodi.tv/warning-be-aware-what-ad...u-install/
Reply
#59
(2016-05-02, 17:43)MrMC Wrote:
(2016-05-02, 15:11)trogggy Wrote:
(2016-05-02, 15:10)MrMC Wrote: There is absolutely no reason for any addon to reach outside its little box and screw around with the outside world.
How about because that's what you want it to do?

I think some people seriously underestimate the number of malicious people out there that have zero morals. It is only a matter of time before the real bad guys start targeting this huge exploit. I can easily see the appearance of some addon that looks and smells like those out there now. Inside is a daemon that starts snooping the device and exploring your other devices inside your nice firewall'ed local network. Don't laugh, it is trivial to do this.
I'm not laughing - but I'm not that worried either tbh.
I'd rather have 'too much freedom' than your vision of a locked-down piece of software thank you very much. If I install something malicious it's my responsibility.
Maybe a few scare stories wouldn't be the end of the world.
Reply
#60
hehe, tell that to the user that gets their identity sold, their ccards maxed, their bank accounts emptied and creditors hounding them. I'm sure they would appreciate that they have been given the complete freedom to do truly stupid things.

I'm sure the authors of strcpy would never have envisioned that it would be used to trigger buffer overflows and gain root. Why would anyone in their right mind pass bogus strings into strcpy? The key is 'in their right mind'. The same is true here with addons. Good idea, bad implementation.
MrMC Forums : http://forum.mrmc.tv
Reply